Cryptographic service provide error

While signing PDF documents in Acrobat DC or Acrobat Reader DC, you see the following error message:

"Windows Cryptographic Service provider reported an error: Key does not exist. Error code: 2148073485"

Background: SHA256 has been the default hashing algorithm in Acrobat since version 9.1. However, in previous releases, if the signature device (for example, smart card or USB token) or its driver doesn’t support SHA256 or higher hashing, to prevent failure, Acrobat or Reader used to silently fall back to use SHA1 hashing while creating the signature.

What has changed in Acrobat DC and Reader DC (15.016.20039): With Acrobat DC and Acrobat Reader DC release 15.016.20039, Adobe is enforcing the use of the requested hashing algorithm. Due to high customer demand for regulatory and industry compliance, Adobe has removed the silent fallback to SHA1 hashing. That’s why you see the error message, and subsequently signing fails if the requested hashing algorithm is not supported.

Solution: Check for an updated driver

Check with your signature device or driver manufacturer for an updated driver that may resolve this error.

If the requested hashing algorithm is not supported by the signature device, then the solution is to set registry key aSignHash to SHA1 as described on this page. However, this is not a recommended approach as this would set SHA1 as the default hashing algorithm for all signatures, which is considered deprecated industry wide. Therefore, Adobe strongly recommends checking with your signature device or driver manufacturer to get a newer device or driver that supports SHA256 or higher hashes.

This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 Unported License  Twitter™ and Facebook posts are not covered under the terms of Creative Commons.

Legal Notices   |   Online Privacy Policy